Sec. 1625. Strategic Cybersecurity Program
482 words·~2 min read·
/bill/115/hr/2810/eas/section-1625A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
The Secretary of Defense shall establish a program to be known as the Strategic Cybersecurity Program or SCP (in this section referred to as the Program ). The Program shall be comprised of personnel assigned to the Program by the Secretary from among personnel, including regular and reserve members of the Armed Forces, civilian employees of the Department, and personnel of the research laboratories of the Department of Defense and the Department of Energy, who have particular expertise in the responsibility to be discharged by the Program.
Any personnel assigned to the Program from among personnel of the Department of Energy shall be so assigned with the concurrence of the Secretary of Energy. The responsibility of the Program shall be to carry out activities (commonly referred to as red-teaming ) to continuously assess the information assurance and improve the overall effectiveness of the following of the United States Government: Offensive cyber systems. Long-range strike systems. Nuclear deterrent systems. National security systems.
Critical infrastructure of the Department of Defense (as that term is defined in section 1650(f)(1) of the National Defense Authorization Act for Fiscal Year 2017 ( Public Law 114–329 )). In carrying out its activities, the Program shall carry out appropriate reviews of current systems and infrastructure and acquisition plans for proposed systems and infrastructure. The review of an acquisition plan for any proposed system or infrastructure shall be carried out before Milestone B approval for such system or infrastructure.
The results of each review carried out by the Program pursuant to paragraph (2), including any remedial action recommended by the Program pursuant to such review, shall be made available to any agencies or organizations of the Department involved in the development, procurement, operation, or maintenance of the system or infrastructure concerned. The Director of the National Security Agency shall submit to the Secretary of Defense and the congressional defense committees on a quarterly basis a report on the activities of the Program during the preceding calendar quarter.
Each report shall include the following: A description of the activities of the Program during the calendar quarter covered by such report. A description of particular challenges encountered in the course of the activities of the Program during such calendar quarter, and of actions taken to address such challenges. A description of the current plans of the Program for additional activities. Of the amount authorized to be appropriated for fiscal year 2018 for operation and maintenance, Defense-wide, by section 301 and available for the Information Systems Security Program as specified in the funding table in section 4301, up to $100,000,000 may be available for the Strategic Cybersecurity Program and its activities in fiscal year 2018.
It is the sense of Congress that the activities conducted under the Program should address the most critical systems of the Department of Defense and should supplement, not supplant, the Cyber Protection Teams of the Department of Defense.
Connectionstraces to 1
Traces to 1 document
public-private-law
Citation graph
cites case law
Sec. 1625
Strategic Cybersecurity Program
Cites 1Cited by 0 across 0 sources